rack-saml 0.0.3 → 0.0.4

Sign up to get free protection for your applications and to get access to all the features.
data/bin/conv_metadata.rb CHANGED
@@ -32,7 +32,8 @@ def create_entity_hash(elem, list_type)
32
32
  puts "specified metadata has an IdP without certificate!"
33
33
  exit 1
34
34
  end
35
- certificate = "-----BEGIN CERTIFICATE-----#{cert_elem.text.gsub(/\s+$/, "")}\n-----END CERTIFICATE-----"
35
+ # Cert must be split to 64 char lines (else OpenSSL gives "nested asn1" error)
36
+ certificate = "-----BEGIN CERTIFICATE-----\n#{cert_elem.text.gsub(/\s+/, "").scan(/.{1,64}/).join("\n")}\n-----END CERTIFICATE-----"
36
37
  saml2_http_redirect = nil
37
38
  idp_elem.elements.find_all {|el| el.has_name?("SingleSignOnService")}.each do |e|
38
39
  if e.attributes["Binding"] == "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
@@ -47,7 +48,7 @@ def create_entity_hash(elem, list_type)
47
48
  # the first certificate is used
48
49
  # permit a SP without a certificate
49
50
  cert_elem = REXML::XPath.first(sp_elem, './/ds:X509Certificate', 'ds' => DS)
50
- certificate = cert_elem.nil? ? "" : "-----BEGIN CERTIFICATE-----\n#{cert_elem.text.gsub(/\s+$/, "")}\n-----END CERTIFICATE-----"
51
+ certificate = cert_elem.nil? ? "" : "-----BEGIN CERTIFICATE-----\n#{cert_elem.text.gsub(/\s+/, "").scan(/.{1,64}/).join("\n")}\n-----END CERTIFICATE-----"
51
52
  saml2_http_post = nil
52
53
  sp_elem.elements.find_all {|el| el.has_name?("AssertionConsumerService")}.each do |e|
53
54
  if e.attributes["Binding"] == "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
@@ -1,6 +1,6 @@
1
1
  require 'rack'
2
2
  module Rack
3
3
  module Saml
4
- VERSION = "0.0.3"
4
+ VERSION = "0.0.4"
5
5
  end
6
6
  end
data/rack-saml.gemspec CHANGED
@@ -2,7 +2,8 @@
2
2
  require File.expand_path('../lib/rack-saml/version', __FILE__)
3
3
 
4
4
  Gem::Specification.new do |gem|
5
- gem.add_dependency 'ruby-saml', '~> 0.4.7'
5
+ gem.add_dependency 'ruby-saml', '~> 0.5.2'
6
+ gem.add_development_dependency 'rspec'
6
7
 
7
8
  gem.authors = ["Toyokazu Akiyama"]
8
9
  gem.email = ["toyokazu@gmail.com"]
@@ -0,0 +1,13 @@
1
+ ---
2
+ key_type: rsa
3
+ key_size: 2048
4
+ random_files:
5
+ - /etc/
6
+ key_file: idp_key.pem
7
+ req_file: idp_cert.pem
8
+ req_type: x509
9
+ req_days: 3650
10
+ cert_descriptions:
11
+ O: Test Certificate
12
+ OU: Test IdP
13
+ CN: idp.example.com
@@ -0,0 +1,13 @@
1
+ ---
2
+ key_type: rsa
3
+ key_size: 2048
4
+ random_files:
5
+ - /etc/
6
+ key_file: sp_key.pem
7
+ req_file: sp_cert.pem
8
+ req_type: x509
9
+ req_days: 3650
10
+ cert_descriptions:
11
+ O: Test Certificate
12
+ OU: Test SP
13
+ CN: sp.example.com
@@ -0,0 +1,20 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require 'yaml'
4
+ require 'openssl'
5
+
6
+ path = File.expand_path("../", __FILE__)
7
+ system("/usr/bin/env ruby #{ENV["HOME"]}/.rvm/gems/ruby-1.9.3-p125@rack-saml/gems/rack-saml-0.0.3/bin/conv_metadata.rb #{path}/metadata-without-newline.xml > test.yml")
8
+ #system("/usr/bin/env ruby #{ENV["HOME"]}/Documents/devel/projects/rack-saml/bin/conv_metadata.rb #{path}/metadata-without-newline.xml > test.yml")
9
+ #system("/usr/bin/env ruby #{ENV["HOME"]}/Documents/devel/projects/rack-saml/bin/conv_metadata.rb #{path}/metadata-with-newline.xml > test.yml")
10
+ yaml = YAML.load_file("test.yml")
11
+ f = open("test.pem", "w")
12
+ f.puts yaml["idp_lists"]["https://idp.example.com/idp/shibboleth"]["certificate"]
13
+ f.close
14
+ exit 1
15
+ #begin
16
+ puts OpenSSL::X509::Certificate.new(yaml["idp_lists"]["https://idp.example.com/idp/shibboleth"]["certificate"])
17
+ puts OpenSSL::X509::Certificate.new(yaml["sp_lists"]["https://sp.example.com/shibboleth"]["certificate"])
18
+ #rescue OpenSSL::X509::CertificateError => error
19
+ # puts error.class, "#{error.message}", error.backtrace
20
+ #end
@@ -0,0 +1,22 @@
1
+ -----BEGIN CERTIFICATE-----
2
+ MIIDozCCAougAwIBAgIJAMbCieMzcImnMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
3
+ BAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZp
4
+ Y2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNv
5
+ bTAeFw0xMjA0MTQxNjA2NDZaFw0yMjA0MTIxNjA2NDZaMGgxCzAJBgNVBAYTAkpQ
6
+ MREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTER
7
+ MA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIw
8
+ DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJreMenBePWcMDu9f6uWunv7q2pK
9
+ G52ieHpcI8E8ZVgfFXd6IYpfMH9fKSqhWBBMZNTU6bnVGsUZPyVZIrjsGqTmwS8Y
10
+ 5LC5tcssyW6t/uN2o5tdI2Glpn6agKrezFWWLUUW+k1KugwbUwiXaDY/krVmbZ6R
11
+ keDfxuJA0mlr4kFtKHcGxMCUccH7vm8KhW6527ysfNIUtsUl9Xgv4rCs1kgjxfr3
12
+ I7Qg9YVnIKXjgOf0ftjiQxkjsIZlQoxJLin/51/SK0pES+G5JBIvCoV2e2bKjGsV
13
+ jUOUydz1k1wl6ML+E/RC6AYlffcwEVTJbM/9uh5K0/rE1fvf+qYxf7j/EPECAwEA
14
+ AaNQME4wHQYDVR0OBBYEFAZC1/xzhUSDNwKsGx+9lxJwlN2+MB8GA1UdIwQYMBaA
15
+ FAZC1/xzhUSDNwKsGx+9lxJwlN2+MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
16
+ BQADggEBAA5ltSOo4jVR+clk0ih0D1u9DKUQ7CTXkb6bwEv0ZE0UCOG5eNhRtK3U
17
+ t3GKne14cg3XzD92s1vBlMe54GG0MjW3WFRqyF6cypasun1RohL5gJ0I27Kk2hyU
18
+ jSq2HFtHFDqZ/B1fFiTbJiegMxDh1jw2cfMMGqXI2tsiehUaiN+XUEzJd1tMEexV
19
+ qNyFxwM0nJf9hyBFT8OMT/z6peYOndZuV2pSkBzhJTmQwwG86BFPCaXrfbMHQtjS
20
+ hVwA6C/o0oKqRuldxaeaocXzTWsg4hgEQoqb9INtvfWYMvi/UAxsG0U4O3RmkOv+
21
+ cG33bFZvTYFsna0pcxr5GPetpd4cFXQ=
22
+ -----END CERTIFICATE-----
@@ -0,0 +1,27 @@
1
+ -----BEGIN RSA PRIVATE KEY-----
2
+ MIIEpAIBAAKCAQEAmt4x6cF49ZwwO71/q5a6e/urakobnaJ4elwjwTxlWB8Vd3oh
3
+ il8wf18pKqFYEExk1NTpudUaxRk/JVkiuOwapObBLxjksLm1yyzJbq3+43ajm10j
4
+ YaWmfpqAqt7MVZYtRRb6TUq6DBtTCJdoNj+StWZtnpGR4N/G4kDSaWviQW0odwbE
5
+ wJRxwfu+bwqFbrnbvKx80hS2xSX1eC/isKzWSCPF+vcjtCD1hWcgpeOA5/R+2OJD
6
+ GSOwhmVCjEkuKf/nX9IrSkRL4bkkEi8KhXZ7ZsqMaxWNQ5TJ3PWTXCXowv4T9ELo
7
+ BiV99zARVMlsz/26HkrT+sTV+9/6pjF/uP8Q8QIDAQABAoIBAAq0ZRrVRrkjbKoU
8
+ dSi1KHq9cKHOMY551n4OtGH8/LxUmbVCeeMIpV+Igl3x/RZTUXzsoqM3ubv5/MVm
9
+ HeJOX6EaWiwZOmWE0K4UkG/YExBB+RkaHQH440NJBq/I6rLXyJVH+1EwYx/HG7wy
10
+ Sv/E8S0cwWL+iOjUTvkApgqnbGI9P9A1kT8+YL8v+xa7hd9C+5MMrgrI3/vDRy9S
11
+ CyzogGKU1t+x3RnUw8HoU7t7sjmieFFjyXr27QZmcwpmd5DCe6+mazgZkgHpQdtI
12
+ 51bRa/ijifjn/U2pP2l3Zi+dgo/eNPfxB4FzWjcaiVSnz0ijA7t3ZP7sIXOJ4oEK
13
+ xZ7q4IkCgYEAy7PXymkHoJDj9koscoqcLkKzKIUsQqrzf5d7LbUSDEEBv6HplKAq
14
+ PDcffUOwTZpdvarhgMNnPW4j5VpPUanEFlHD+foyI5CCmBsCuwRLcRk5mfEPOF+9
15
+ fyxuWHIuB1qzPogZOsc9omBO9IbyJtdoQuHQpOC4fvHaTonWXRa2Dy8CgYEAwqC/
16
+ AGZDsOQx/OLTpDIq2q8xqq5lajuxrBh4b98HGzsq/AhP2/Ole455DNiRl5fraZgD
17
+ iRomPawe7FlWF1E2erJjBlWQgzfS/EfxRtFCZERTbWwDCsQMzfvBru67g/ixo3UX
18
+ gtWhsEZ6AoPbzDf5Ps9YXRWwiwyL1Gh2VjDH2d8CgYAnWynYC47TsOq6TP5lau5d
19
+ 6bkfnQs+HjVJc4TzAcbo4y5pTekJNCC03ZmR5CAN/kMaQAetjxNFRSBeUaJ9jqU6
20
+ ArYwd+xz/pmctatDYsMIqOz+Fxrvs1+zUGxJXlYSSa3T6Qum1ZPM6XqXt/LVGk0k
21
+ juh20owSyrt47Ryjg53NNQKBgQCOZWd5VljeOgbsu9QWxPGfsCBJfXELqYMTo4+y
22
+ Yd3kKYUIgthS189SN+oO4QCchfUh+6tSiwRBiQXS7IXVZ4DRgmR7BO1HY/eExuob
23
+ Yw0NKQRVAXq0TL4FktWhNF+TbcgiDJBYFA9JVjb8UhblMmq0bqV67VyOT26ayJcT
24
+ 9nqxxwKBgQC1otwxHZzhUwskLyOGU4H3mQ2tRNtxoUp92M29a1p9kyUHMMIrBRRW
25
+ Dn+m3BoiBpvMW6gA3mEIJtW0eeyDyj3PStEuPxZ9V5CKS+Dm0MdSx8elQwRTMcWA
26
+ KUpaH4KB1ZKF0EbgAeDBK0XfGAO5t41wpYC3JfA0V2sOFf0j5c082g==
27
+ -----END RSA PRIVATE KEY-----
@@ -0,0 +1,169 @@
1
+ <EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" Name="Test">
2
+ <EntityDescriptor ID="PI0030JP" xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://idp.example.com/idp/shibboleth">
3
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
4
+
5
+ <Extensions>
6
+ <shibmd:Scope regexp="false">example.com</shibmd:Scope>
7
+ </Extensions>
8
+
9
+ <KeyDescriptor>
10
+ <ds:KeyInfo>
11
+ <ds:X509Data>
12
+ <ds:X509Certificate>
13
+ MIIDozCCAougAwIBAgIJAM4RrKvcNVYiMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
14
+ BAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZp
15
+ Y2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNv
16
+ bTAeFw0xMjA0MTMwMzMxMjNaFw0xMjA1MTMwMzMxMjNaMGgxCzAJBgNVBAYTAkpQ
17
+ MREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTER
18
+ MA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIw
19
+ DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPQTaONZxbLElsl5wr7UdV6YpsV2
20
+ 1wTe5GOUja7D+mcct8TJLcFu7m/OaK3qlsGYL0IdrTOHbhjgJlWzb03eIbFxFDuo
21
+ rDBnDVSoi2k917DJyBx4lUng+28EAqCUhuXv41XbX30ILL7CO1DxQ6UBhOYgGTx0
22
+ SbNhOQsdWojJlDuRA9IG2s2dg9KWkT9j9t29OftR8Y6OVmui6MdLOgXHT3NARFN9
23
+ sHYFbOntFZjRbp70c+wzIOZVF0bmq4UFyLp8xQVdKlNz6oo/QAVgTA9NMG3hhrY3
24
+ 6hsFuAHBCbAadKhQMIit3KWbBSb1TyprO3iW/lftIti9XAaX/L+RSH4FvqsCAwEA
25
+ AaNQME4wHQYDVR0OBBYEFAQBsI28WO2nZomTF4wO183+mJ13MB8GA1UdIwQYMBaA
26
+ FAQBsI28WO2nZomTF4wO183+mJ13MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
27
+ BQADggEBAEkmE0x1kqejIDD/f/xc17hnqw3NnrO++gmV2qI32dXRD/fwuf4mP4DS
28
+ Cin1B/8+OYLyJqMYR4eYPFlusM4FnbsETzcdjXWBBzYqdyNAyj1VLeDarAIM2oFr
29
+ c3p4EMzciK45e4tj7Td5Od//5LOQZPn3uFaFcEiK8fT8Zv9QZMJhw2ZuY7+dGhJu
30
+ IU1ECYI3U2UM0o70uuAsI4vLleB40t/CfL0c2l6/dCkouNa5I1r9P1kgIIrAUMtj
31
+ xBgAziCRHiU9WXEYXW6lKEFD5O2ZaElQPQf1CCCRCxPIgk8VupTE00cUTD6LzaNg
32
+ ugi1RlXP1NCK8NmORZQLEg7n38vHCiI=
33
+ </ds:X509Certificate>
34
+ </ds:X509Data>
35
+ </ds:KeyInfo>
36
+ </KeyDescriptor>
37
+
38
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
39
+
40
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
41
+
42
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
43
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
44
+
45
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.example.com/idp/profile/Shibboleth/SSO"/>
46
+
47
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.example.com/idp/profile/SAML2/POST/SSO"/>
48
+
49
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.example.com/idp/profile/SAML2/POST-SimpleSign/SSO"/>
50
+
51
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.com/idp/profile/SAML2/Redirect/SSO"/>
52
+ </IDPSSODescriptor>
53
+
54
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
55
+
56
+ <Extensions>
57
+ <shibmd:Scope regexp="false">ac.jp</shibmd:Scope>
58
+ </Extensions>
59
+
60
+ <KeyDescriptor>
61
+ <ds:KeyInfo>
62
+ <ds:X509Data>
63
+ <ds:X509Certificate>
64
+ MIIDozCCAougAwIBAgIJAM4RrKvcNVYiMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
65
+ BAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZp
66
+ Y2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNv
67
+ bTAeFw0xMjA0MTMwMzMxMjNaFw0xMjA1MTMwMzMxMjNaMGgxCzAJBgNVBAYTAkpQ
68
+ MREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTER
69
+ MA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIw
70
+ DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPQTaONZxbLElsl5wr7UdV6YpsV2
71
+ 1wTe5GOUja7D+mcct8TJLcFu7m/OaK3qlsGYL0IdrTOHbhjgJlWzb03eIbFxFDuo
72
+ rDBnDVSoi2k917DJyBx4lUng+28EAqCUhuXv41XbX30ILL7CO1DxQ6UBhOYgGTx0
73
+ SbNhOQsdWojJlDuRA9IG2s2dg9KWkT9j9t29OftR8Y6OVmui6MdLOgXHT3NARFN9
74
+ sHYFbOntFZjRbp70c+wzIOZVF0bmq4UFyLp8xQVdKlNz6oo/QAVgTA9NMG3hhrY3
75
+ 6hsFuAHBCbAadKhQMIit3KWbBSb1TyprO3iW/lftIti9XAaX/L+RSH4FvqsCAwEA
76
+ AaNQME4wHQYDVR0OBBYEFAQBsI28WO2nZomTF4wO183+mJ13MB8GA1UdIwQYMBaA
77
+ FAQBsI28WO2nZomTF4wO183+mJ13MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
78
+ BQADggEBAEkmE0x1kqejIDD/f/xc17hnqw3NnrO++gmV2qI32dXRD/fwuf4mP4DS
79
+ Cin1B/8+OYLyJqMYR4eYPFlusM4FnbsETzcdjXWBBzYqdyNAyj1VLeDarAIM2oFr
80
+ c3p4EMzciK45e4tj7Td5Od//5LOQZPn3uFaFcEiK8fT8Zv9QZMJhw2ZuY7+dGhJu
81
+ IU1ECYI3U2UM0o70uuAsI4vLleB40t/CfL0c2l6/dCkouNa5I1r9P1kgIIrAUMtj
82
+ xBgAziCRHiU9WXEYXW6lKEFD5O2ZaElQPQf1CCCRCxPIgk8VupTE00cUTD6LzaNg
83
+ ugi1RlXP1NCK8NmORZQLEg7n38vHCiI=
84
+ </ds:X509Certificate>
85
+ </ds:X509Data>
86
+ </ds:KeyInfo>
87
+ </KeyDescriptor>
88
+
89
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
90
+
91
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
92
+
93
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
94
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
95
+
96
+ </AttributeAuthorityDescriptor>
97
+ <Organization>
98
+ <OrganizationName xml:lang="en">Local IdP</OrganizationName>
99
+ <OrganizationName xml:lang="ja">ローカルIdP</OrganizationName>
100
+ <OrganizationDisplayName xml:lang="en">Local IdP</OrganizationDisplayName>
101
+ <OrganizationDisplayName xml:lang="ja">ローカルIdP</OrganizationDisplayName>
102
+ <OrganizationURL xml:lang="en">http://www.example.com/</OrganizationURL>
103
+ </Organization>
104
+ <ContactPerson contactType="technical">
105
+ <GivenName>User</GivenName>
106
+ <SurName>Test</SurName>
107
+ <EmailAddress>test@example.com</EmailAddress>
108
+ </ContactPerson>
109
+
110
+ </EntityDescriptor>
111
+
112
+ <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_cebe60aa72b70c850c1ecc6caca16d74ed0bc858" entityID="https://sp.example.com/shibboleth">
113
+
114
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
115
+ <md:Extensions>
116
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.example.com/Shibboleth.sso/Login"/>
117
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.example.com/Shibboleth.sso/DS"/>
118
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp.example.com/Shibboleth.sso/DS" index="1"/>
119
+ </md:Extensions>
120
+ <md:KeyDescriptor>
121
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
122
+ <ds:KeyName>sp.example.com</ds:KeyName>
123
+ <ds:X509Data>
124
+ <ds:X509SubjectName>CN=sp.example.com,OU=Test SP,O=Test Certificate</ds:X509SubjectName>
125
+ <ds:X509Certificate>
126
+ MIIDnzCCAoegAwIBAgIJAOibZtWndr86MA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNV
127
+ BAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZp
128
+ Y2F0ZTEQMA4GA1UECwwHVGVzdCBTUDEXMBUGA1UEAwwOc3AuZXhhbXBsZS5jb20w
129
+ HhcNMTIwNDEzMDMzMjI1WhcNMTIwNTEzMDMzMjI1WjBmMQswCQYDVQQGEwJKUDER
130
+ MA8GA1UEBwwIQWNhZGVtZTIxGTAXBgNVBAoMEFRlc3QgQ2VydGlmaWNhdGUxEDAO
131
+ BgNVBAsMB1Rlc3QgU1AxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIIBIjANBgkq
132
+ hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34MFSNC1wGMrBp/OyzoNFwiDIpmri3BS
133
+ NbPbmeFKhJfukwAwyYRxhGAz/OQAxruS0DriQ73RcSe6f0WEW+URKkdgx+MiUHgh
134
+ yqNtVjlhNhRSL19kVdddBkFtNSh0/2iA384x0PcXIpfEB9jonX25LGQN9GJWPHam
135
+ ievkj4MwI0cwU4mC9Su8kD2BSccoNpb68pwEI+JizFXTSe9IcA1tJvvxmkecVCTZ
136
+ hS2ztbSm24PUlu7igWruVH/jqtj3YeJMZvKgj6NiwdXOL6+hVuJKO/eNB96yztH3
137
+ v4KSb3JEE2/2w6K5FSX8qsKDZ/VAq7FRXOwRKYdaX2pNMgWtvr0T/wIDAQABo1Aw
138
+ TjAdBgNVHQ4EFgQUhxf8wd5vCyK8bdWCB2ZkmJwW5F4wHwYDVR0jBBgwFoAUhxf8
139
+ wd5vCyK8bdWCB2ZkmJwW5F4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOC
140
+ AQEAzdQxcUNXP4izy2Yoz2yUlmt5jjQX89uRxrGv6Hf11D3vxiZz4Srxzi8v2Pz7
141
+ 7A3Q7qqrIlV6uXj0WvojnalNl2ExY/a1WRz4tO8aI6WsQ7T97UZ2tlJEvR65htIb
142
+ M27x3j7Ui6xlNcGsm6hlMsm7jUF9oPC2xrSc+sk1ggANkKTpZ/Ui2dkKutLTPMa5
143
+ KUGkZGOUMrv0xxkUC6zp4bQb6t++4YL4pkY7s+PVOYjZmM1ARM2QP/O6ZeSLe4LQ
144
+ NQS8WfRq0dmNk/QKOqTLIH7ppDar6i7oc1m+sJ+zskhTZnYWzUk6STa6uAfWJ3Z7
145
+ ILRuorZXobhI0ENI4hv2yYEsWQ==
146
+ </ds:X509Certificate>
147
+ </ds:X509Data>
148
+ </ds:KeyInfo>
149
+ </md:KeyDescriptor>
150
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
151
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/SLO/SOAP"/>
152
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.example.com/Shibboleth.sso/SLO/Redirect"/>
153
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/SLO/POST"/>
154
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/SLO/Artifact"/>
155
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/NIM/SOAP"/>
156
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.example.com/Shibboleth.sso/NIM/Redirect"/>
157
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/NIM/POST"/>
158
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/NIM/Artifact"/>
159
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/SAML2/POST" index="1"/>
160
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sp.example.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
161
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
162
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sp.example.com/Shibboleth.sso/SAML2/ECP" index="4"/>
163
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp.example.com/Shibboleth.sso/SAML/POST" index="5"/>
164
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp.example.com/Shibboleth.sso/SAML/Artifact" index="6"/>
165
+ </md:SPSSODescriptor>
166
+
167
+ </md:EntityDescriptor>
168
+
169
+ </EntitiesDescriptor>
@@ -0,0 +1,112 @@
1
+ <EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" Name="Test">
2
+ <EntityDescriptor ID="PI0030JP" xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://idp.example.com/idp/shibboleth">
3
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
4
+
5
+ <Extensions>
6
+ <shibmd:Scope regexp="false">example.com</shibmd:Scope>
7
+ </Extensions>
8
+
9
+ <KeyDescriptor>
10
+ <ds:KeyInfo>
11
+ <ds:X509Data>
12
+ <ds:X509Certificate>
13
+ MIIDozCCAougAwIBAgIJAM4RrKvcNVYiMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTAeFw0xMjA0MTMwMzMxMjNaFw0xMjA1MTMwMzMxMjNaMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPQTaONZxbLElsl5wr7UdV6YpsV21wTe5GOUja7D+mcct8TJLcFu7m/OaK3qlsGYL0IdrTOHbhjgJlWzb03eIbFxFDuorDBnDVSoi2k917DJyBx4lUng+28EAqCUhuXv41XbX30ILL7CO1DxQ6UBhOYgGTx0SbNhOQsdWojJlDuRA9IG2s2dg9KWkT9j9t29OftR8Y6OVmui6MdLOgXHT3NARFN9sHYFbOntFZjRbp70c+wzIOZVF0bmq4UFyLp8xQVdKlNz6oo/QAVgTA9NMG3hhrY36hsFuAHBCbAadKhQMIit3KWbBSb1TyprO3iW/lftIti9XAaX/L+RSH4FvqsCAwEAAaNQME4wHQYDVR0OBBYEFAQBsI28WO2nZomTF4wO183+mJ13MB8GA1UdIwQYMBaAFAQBsI28WO2nZomTF4wO183+mJ13MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEkmE0x1kqejIDD/f/xc17hnqw3NnrO++gmV2qI32dXRD/fwuf4mP4DSCin1B/8+OYLyJqMYR4eYPFlusM4FnbsETzcdjXWBBzYqdyNAyj1VLeDarAIM2oFrc3p4EMzciK45e4tj7Td5Od//5LOQZPn3uFaFcEiK8fT8Zv9QZMJhw2ZuY7+dGhJuIU1ECYI3U2UM0o70uuAsI4vLleB40t/CfL0c2l6/dCkouNa5I1r9P1kgIIrAUMtjxBgAziCRHiU9WXEYXW6lKEFD5O2ZaElQPQf1CCCRCxPIgk8VupTE00cUTD6LzaNgugi1RlXP1NCK8NmORZQLEg7n38vHCiI=
14
+ </ds:X509Certificate>
15
+ </ds:X509Data>
16
+ </ds:KeyInfo>
17
+ </KeyDescriptor>
18
+
19
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
20
+
21
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
22
+
23
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
24
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
25
+
26
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.example.com/idp/profile/Shibboleth/SSO"/>
27
+
28
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.example.com/idp/profile/SAML2/POST/SSO"/>
29
+
30
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.example.com/idp/profile/SAML2/POST-SimpleSign/SSO"/>
31
+
32
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.com/idp/profile/SAML2/Redirect/SSO"/>
33
+ </IDPSSODescriptor>
34
+
35
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
36
+
37
+ <Extensions>
38
+ <shibmd:Scope regexp="false">example.com</shibmd:Scope>
39
+ </Extensions>
40
+
41
+ <KeyDescriptor>
42
+ <ds:KeyInfo>
43
+ <ds:X509Data>
44
+ <ds:X509Certificate>
45
+ MIIDozCCAougAwIBAgIJAM4RrKvcNVYiMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTAeFw0xMjA0MTMwMzMxMjNaFw0xMjA1MTMwMzMxMjNaMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPQTaONZxbLElsl5wr7UdV6YpsV21wTe5GOUja7D+mcct8TJLcFu7m/OaK3qlsGYL0IdrTOHbhjgJlWzb03eIbFxFDuorDBnDVSoi2k917DJyBx4lUng+28EAqCUhuXv41XbX30ILL7CO1DxQ6UBhOYgGTx0SbNhOQsdWojJlDuRA9IG2s2dg9KWkT9j9t29OftR8Y6OVmui6MdLOgXHT3NARFN9sHYFbOntFZjRbp70c+wzIOZVF0bmq4UFyLp8xQVdKlNz6oo/QAVgTA9NMG3hhrY36hsFuAHBCbAadKhQMIit3KWbBSb1TyprO3iW/lftIti9XAaX/L+RSH4FvqsCAwEAAaNQME4wHQYDVR0OBBYEFAQBsI28WO2nZomTF4wO183+mJ13MB8GA1UdIwQYMBaAFAQBsI28WO2nZomTF4wO183+mJ13MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEkmE0x1kqejIDD/f/xc17hnqw3NnrO++gmV2qI32dXRD/fwuf4mP4DSCin1B/8+OYLyJqMYR4eYPFlusM4FnbsETzcdjXWBBzYqdyNAyj1VLeDarAIM2oFrc3p4EMzciK45e4tj7Td5Od//5LOQZPn3uFaFcEiK8fT8Zv9QZMJhw2ZuY7+dGhJuIU1ECYI3U2UM0o70uuAsI4vLleB40t/CfL0c2l6/dCkouNa5I1r9P1kgIIrAUMtjxBgAziCRHiU9WXEYXW6lKEFD5O2ZaElQPQf1CCCRCxPIgk8VupTE00cUTD6LzaNgugi1RlXP1NCK8NmORZQLEg7n38vHCiI=
46
+ </ds:X509Certificate>
47
+ </ds:X509Data>
48
+ </ds:KeyInfo>
49
+ </KeyDescriptor>
50
+
51
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
52
+
53
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
54
+
55
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
56
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
57
+
58
+ </AttributeAuthorityDescriptor>
59
+ <Organization>
60
+ <OrganizationName xml:lang="en">Local IdP</OrganizationName>
61
+ <OrganizationName xml:lang="ja">ローカルIdP</OrganizationName>
62
+ <OrganizationDisplayName xml:lang="en">Local IdP</OrganizationDisplayName>
63
+ <OrganizationDisplayName xml:lang="ja">ローカルIdP</OrganizationDisplayName>
64
+ <OrganizationURL xml:lang="en">http://www.example.com/</OrganizationURL>
65
+ </Organization>
66
+ <ContactPerson contactType="technical">
67
+ <GivenName>User</GivenName>
68
+ <SurName>Test</SurName>
69
+ <EmailAddress>test@example.com</EmailAddress>
70
+ </ContactPerson>
71
+
72
+ </EntityDescriptor>
73
+
74
+ <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_cebe60aa72b70c850c1ecc6caca16d74ed0bc858" entityID="https://sp.example.com/shibboleth">
75
+
76
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
77
+ <md:Extensions>
78
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.example.com/Shibboleth.sso/Login"/>
79
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.example.com/Shibboleth.sso/DS"/>
80
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp.example.com/Shibboleth.sso/DS" index="1"/>
81
+ </md:Extensions>
82
+ <md:KeyDescriptor>
83
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
84
+ <ds:KeyName>sp.example.com</ds:KeyName>
85
+ <ds:X509Data>
86
+ <ds:X509SubjectName>CN=sp.example.com,OU=Test SP,O=Test Certificate</ds:X509SubjectName>
87
+ <ds:X509Certificate>
88
+ MIIDnzCCAoegAwIBAgIJAOibZtWndr86MA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTEQMA4GA1UECwwHVGVzdCBTUDEXMBUGA1UEAwwOc3AuZXhhbXBsZS5jb20wHhcNMTIwNDEzMDMzMjI1WhcNMTIwNTEzMDMzMjI1WjBmMQswCQYDVQQGEwJKUDERMA8GA1UEBwwIQWNhZGVtZTIxGTAXBgNVBAoMEFRlc3QgQ2VydGlmaWNhdGUxEDAOBgNVBAsMB1Rlc3QgU1AxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34MFSNC1wGMrBp/OyzoNFwiDIpmri3BSNbPbmeFKhJfukwAwyYRxhGAz/OQAxruS0DriQ73RcSe6f0WEW+URKkdgx+MiUHghyqNtVjlhNhRSL19kVdddBkFtNSh0/2iA384x0PcXIpfEB9jonX25LGQN9GJWPHamievkj4MwI0cwU4mC9Su8kD2BSccoNpb68pwEI+JizFXTSe9IcA1tJvvxmkecVCTZhS2ztbSm24PUlu7igWruVH/jqtj3YeJMZvKgj6NiwdXOL6+hVuJKO/eNB96yztH3v4KSb3JEE2/2w6K5FSX8qsKDZ/VAq7FRXOwRKYdaX2pNMgWtvr0T/wIDAQABo1AwTjAdBgNVHQ4EFgQUhxf8wd5vCyK8bdWCB2ZkmJwW5F4wHwYDVR0jBBgwFoAUhxf8wd5vCyK8bdWCB2ZkmJwW5F4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAzdQxcUNXP4izy2Yoz2yUlmt5jjQX89uRxrGv6Hf11D3vxiZz4Srxzi8v2Pz77A3Q7qqrIlV6uXj0WvojnalNl2ExY/a1WRz4tO8aI6WsQ7T97UZ2tlJEvR65htIbM27x3j7Ui6xlNcGsm6hlMsm7jUF9oPC2xrSc+sk1ggANkKTpZ/Ui2dkKutLTPMa5KUGkZGOUMrv0xxkUC6zp4bQb6t++4YL4pkY7s+PVOYjZmM1ARM2QP/O6ZeSLe4LQNQS8WfRq0dmNk/QKOqTLIH7ppDar6i7oc1m+sJ+zskhTZnYWzUk6STa6uAfWJ3Z7ILRuorZXobhI0ENI4hv2yYEsWQ==
89
+ </ds:X509Certificate>
90
+ </ds:X509Data>
91
+ </ds:KeyInfo>
92
+ </md:KeyDescriptor>
93
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
94
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/SLO/SOAP"/>
95
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.example.com/Shibboleth.sso/SLO/Redirect"/>
96
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/SLO/POST"/>
97
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/SLO/Artifact"/>
98
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/NIM/SOAP"/>
99
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.example.com/Shibboleth.sso/NIM/Redirect"/>
100
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/NIM/POST"/>
101
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/NIM/Artifact"/>
102
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/SAML2/POST" index="1"/>
103
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sp.example.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
104
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
105
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sp.example.com/Shibboleth.sso/SAML2/ECP" index="4"/>
106
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp.example.com/Shibboleth.sso/SAML/POST" index="5"/>
107
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp.example.com/Shibboleth.sso/SAML/Artifact" index="6"/>
108
+ </md:SPSSODescriptor>
109
+
110
+ </md:EntityDescriptor>
111
+
112
+ </EntitiesDescriptor>
@@ -0,0 +1,109 @@
1
+ <EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" Name="Test">
2
+ <EntityDescriptor ID="PI0030JP" xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://idp.example.com/idp/shibboleth">
3
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
4
+
5
+ <Extensions>
6
+ <shibmd:Scope regexp="false">example.com</shibmd:Scope>
7
+ </Extensions>
8
+
9
+ <KeyDescriptor>
10
+ <ds:KeyInfo>
11
+ <ds:X509Data>
12
+ <ds:X509Certificate>
13
+ </ds:X509Certificate>
14
+ </ds:X509Data>
15
+ </ds:KeyInfo>
16
+ </KeyDescriptor>
17
+
18
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
19
+
20
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
21
+
22
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
23
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
24
+
25
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.example.com/idp/profile/Shibboleth/SSO"/>
26
+
27
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.example.com/idp/profile/SAML2/POST/SSO"/>
28
+
29
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.example.com/idp/profile/SAML2/POST-SimpleSign/SSO"/>
30
+
31
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.com/idp/profile/SAML2/Redirect/SSO"/>
32
+ </IDPSSODescriptor>
33
+
34
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
35
+
36
+ <Extensions>
37
+ <shibmd:Scope regexp="false">ac.jp</shibmd:Scope>
38
+ </Extensions>
39
+
40
+ <KeyDescriptor>
41
+ <ds:KeyInfo>
42
+ <ds:X509Data>
43
+ <ds:X509Certificate>
44
+ </ds:X509Certificate>
45
+ </ds:X509Data>
46
+ </ds:KeyInfo>
47
+ </KeyDescriptor>
48
+
49
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
50
+
51
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
52
+
53
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
54
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
55
+
56
+ </AttributeAuthorityDescriptor>
57
+ <Organization>
58
+ <OrganizationName xml:lang="en">Local IdP</OrganizationName>
59
+ <OrganizationName xml:lang="ja">ローカルIdP</OrganizationName>
60
+ <OrganizationDisplayName xml:lang="en">Local IdP</OrganizationDisplayName>
61
+ <OrganizationDisplayName xml:lang="ja">ローカルIdP</OrganizationDisplayName>
62
+ <OrganizationURL xml:lang="en">http://www.example.com/</OrganizationURL>
63
+ </Organization>
64
+ <ContactPerson contactType="technical">
65
+ <GivenName>User</GivenName>
66
+ <SurName>Test</SurName>
67
+ <EmailAddress>test@example.com</EmailAddress>
68
+ </ContactPerson>
69
+
70
+ </EntityDescriptor>
71
+
72
+ <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_cebe60aa72b70c850c1ecc6caca16d74ed0bc858" entityID="https://sp.example.com/shibboleth">
73
+
74
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
75
+ <md:Extensions>
76
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.example.com/Shibboleth.sso/Login"/>
77
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.example.com/Shibboleth.sso/DS"/>
78
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp.example.com/Shibboleth.sso/DS" index="1"/>
79
+ </md:Extensions>
80
+ <md:KeyDescriptor>
81
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
82
+ <ds:KeyName>sp.example.com</ds:KeyName>
83
+ <ds:X509Data>
84
+ <ds:X509SubjectName>CN=sp.example.com,OU=Test SP,O=Test Certificate</ds:X509SubjectName>
85
+ <ds:X509Certificate>
86
+ </ds:X509Certificate>
87
+ </ds:X509Data>
88
+ </ds:KeyInfo>
89
+ </md:KeyDescriptor>
90
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
91
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/SLO/SOAP"/>
92
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.example.com/Shibboleth.sso/SLO/Redirect"/>
93
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/SLO/POST"/>
94
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/SLO/Artifact"/>
95
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.example.com/Shibboleth.sso/NIM/SOAP"/>
96
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.example.com/Shibboleth.sso/NIM/Redirect"/>
97
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/NIM/POST"/>
98
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/NIM/Artifact"/>
99
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.example.com/Shibboleth.sso/SAML2/POST" index="1"/>
100
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sp.example.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
101
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.example.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
102
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sp.example.com/Shibboleth.sso/SAML2/ECP" index="4"/>
103
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp.example.com/Shibboleth.sso/SAML/POST" index="5"/>
104
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp.example.com/Shibboleth.sso/SAML/Artifact" index="6"/>
105
+ </md:SPSSODescriptor>
106
+
107
+ </md:EntityDescriptor>
108
+
109
+ </EntitiesDescriptor>
@@ -0,0 +1,22 @@
1
+ -----BEGIN CERTIFICATE-----
2
+ MIIDnzCCAoegAwIBAgIJAJmro3l2xdbPMA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNV
3
+ BAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZp
4
+ Y2F0ZTEQMA4GA1UECwwHVGVzdCBTUDEXMBUGA1UEAwwOc3AuZXhhbXBsZS5jb20w
5
+ HhcNMTIwNDE0MTYwNjUzWhcNMjIwNDEyMTYwNjUzWjBmMQswCQYDVQQGEwJKUDER
6
+ MA8GA1UEBwwIQWNhZGVtZTIxGTAXBgNVBAoMEFRlc3QgQ2VydGlmaWNhdGUxEDAO
7
+ BgNVBAsMB1Rlc3QgU1AxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIIBIjANBgkq
8
+ hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpIelPUN3Z4PdCZDkVuxCx4KviNJtEdU
9
+ N4sBG3HxSPydDO5rxUoPDB1QDKaSAaLs9Xtum3f01iDM+3zHYceu4B/o+2qR3ekL
10
+ aQQuMK/Hcfuq2pNEEQKISBvrS+HbS2KTl4pX36c2pNU/yIhO0Hyj64Jl51TbPM3x
11
+ bfCIcMyiwTm0tZOkcAc3EKvd4cdddvKCPFtkYlk5nimKzrl0iJqwNNs0KDhGU7iU
12
+ cSMZS4kStiXe8etAX7f24PHHEzgIjzlCaFyaSYtlpouc/W8gVxB22g9T47SvQIs8
13
+ NXGvKpPUo9BId+X7PeZZlkf51AWRQBaswbQx1oLxVU9B6aifa2Hq0QIDAQABo1Aw
14
+ TjAdBgNVHQ4EFgQU/d6Ih14tuy33YeULqBdkgW4c4gcwHwYDVR0jBBgwFoAU/d6I
15
+ h14tuy33YeULqBdkgW4c4gcwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOC
16
+ AQEADLjceTxE/7hXdIh8e9Mp02wpu3BHz3BEWoUyDLzJKk0kMsBtBk+hZ8cog/Xa
17
+ ZQxfC5QTIfUkFHwVsbn3T7+JqY7UcsXrXFioA05LbmyelC07UWf9NOBGeYMTegXT
18
+ BSu4hzOqwrT+X9UW1P3WBnGxgXR5he304S6Z9Va0cWgb9pDg6d+F0ewi4rv197wR
19
+ x4YYFmERh/vwkEKGEC5vmi42fS+557zNhFKWlw3lh+h/0wZ4TnHoRna8jo/TQCBB
20
+ eN5g9vNU4hbO/ena003R8kEA5Wu3K/Vct8O6dv1M8KO26hrCwRCsI/W5TuC7xwJL
21
+ oaw/kpczexGvtVhGuMskmcg4dQ==
22
+ -----END CERTIFICATE-----
@@ -0,0 +1,27 @@
1
+ -----BEGIN RSA PRIVATE KEY-----
2
+ MIIEpQIBAAKCAQEAwpIelPUN3Z4PdCZDkVuxCx4KviNJtEdUN4sBG3HxSPydDO5r
3
+ xUoPDB1QDKaSAaLs9Xtum3f01iDM+3zHYceu4B/o+2qR3ekLaQQuMK/Hcfuq2pNE
4
+ EQKISBvrS+HbS2KTl4pX36c2pNU/yIhO0Hyj64Jl51TbPM3xbfCIcMyiwTm0tZOk
5
+ cAc3EKvd4cdddvKCPFtkYlk5nimKzrl0iJqwNNs0KDhGU7iUcSMZS4kStiXe8etA
6
+ X7f24PHHEzgIjzlCaFyaSYtlpouc/W8gVxB22g9T47SvQIs8NXGvKpPUo9BId+X7
7
+ PeZZlkf51AWRQBaswbQx1oLxVU9B6aifa2Hq0QIDAQABAoIBAQCJefkFwshTSHUe
8
+ 2lJviFvlwQpSIljXena08BCONcoIigTluCiJs7RCGQwQhDkx0s6e/OHAE9f43CA5
9
+ qYavPgn/7kwOKNR7+UfIod2JJQpFLU8hNWCorCNi3+c3LJRoBXTHZEaGjn17pfl1
10
+ VWpqwUaJBw+9jiWCJvlpdsTQ/qYY49EslHreuEwhO+sJCqD07uQzVD2xSh/PNAR7
11
+ ibp6pRGA8xAtKs2RffHi4LXk2gCH7gwl3iC3Rwk6e9daw0H9dr36zA5v8yAoRlyB
12
+ UetAW5BuQwhGnIrqLdoCmdxA1CFWGnSP0VZsn5v8KiyTx4+IUg+wxoVtPpBpb+kn
13
+ jmlIylnhAoGBAP1vvG+puXpi6w+81Tv3ImmlCOBphMtRuPVEtJZoYw0pzD4ZPj7K
14
+ 6O0Bgi4InTygJj5TdLocF1tKHYka/bX+8ChdivD/7wDYABRvj9ecQ4mRhfYz+XFW
15
+ vi1OZ+PFoWM+XvdwxxdfZX2ye3q4YrIXSqDpVEjCDP7jwtnlx8jNC5qVAoGBAMSJ
16
+ 8/UDleO5IWK4rb55658V9yWX0VcEOm3kQMjqq92zKgWuPA6b9Aux//AErsAa8BHo
17
+ hTzqhXXX+GYizfMpLRNa+y8hjeL1RkH62LO8llLaUxWycmbXhQ4D8+WsN7PNd4mx
18
+ XTG+NL1wwEZJcbHLK2xBsLaKS0IhaAl1qsP7I7xNAoGAfsY4/aZqCKWYrguootFx
19
+ 3mTWtuMxsT8VBWOz7hUTj08cQuf/sgtwTrZVd0+Jz/zQhJbcqghJSrodYislRLfd
20
+ TGPWj82GseZay94ulw0s35Dy8QB4w9A/W4x//XkrzOgzOxWoEbH/o8v3ZqD7hdiO
21
+ 1UVCiw6+z3YBT1xY/sJLDq0CgYEAmRNpc1gLkoZKvn1gtY54Ojv9dsY8Qi4E5Dp3
22
+ SwWcPtygyjPeivJkrgdBdEvxX6abfRdBTyTKNfK0gbhx+AYGGaEvKpJT1IV85z7d
23
+ MYCdBIMPW0LVX8xU0Ym6mRP9fol1pUUDdQ7UPQhoeVYSu4umknbHkCU+YI9sXJHN
24
+ Iz+jobECgYEA5hQz1mtl/DIDsOarkmlxqlp6UKPyMdOeLZazyhWOMxbdQyeEl3Cd
25
+ p2dD5X6D065qwtvYQQbfD0FpsPTLG4pO/DwjhozRnMtbiXXti48/F8UWt8s6jUFc
26
+ YUJw8FLSS4cRl8YfVPGOQkaiOHf5FKxUr4Gq44e1eHhpCAI8X7f8dp4=
27
+ -----END RSA PRIVATE KEY-----
@@ -0,0 +1,3 @@
1
+ -----BEGIN CERTIFICATE-----
2
+ MIIDozCCAougAwIBAgIJAM4RrKvcNVYiMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTAeFw0xMjA0MTMwMzMxMjNaFw0xMjA1MTMwMzMxMjNaMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPQTaONZxbLElsl5wr7UdV6YpsV21wTe5GOUja7D+mcct8TJLcFu7m/OaK3qlsGYL0IdrTOHbhjgJlWzb03eIbFxFDuorDBnDVSoi2k917DJyBx4lUng+28EAqCUhuXv41XbX30ILL7CO1DxQ6UBhOYgGTx0SbNhOQsdWojJlDuRA9IG2s2dg9KWkT9j9t29OftR8Y6OVmui6MdLOgXHT3NARFN9sHYFbOntFZjRbp70c+wzIOZVF0bmq4UFyLp8xQVdKlNz6oo/QAVgTA9NMG3hhrY36hsFuAHBCbAadKhQMIit3KWbBSb1TyprO3iW/lftIti9XAaX/L+RSH4FvqsCAwEAAaNQME4wHQYDVR0OBBYEFAQBsI28WO2nZomTF4wO183+mJ13MB8GA1UdIwQYMBaAFAQBsI28WO2nZomTF4wO183+mJ13MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEkmE0x1kqejIDD/f/xc17hnqw3NnrO++gmV2qI32dXRD/fwuf4mP4DSCin1B/8+OYLyJqMYR4eYPFlusM4FnbsETzcdjXWBBzYqdyNAyj1VLeDarAIM2oFrc3p4EMzciK45e4tj7Td5Od//5LOQZPn3uFaFcEiK8fT8Zv9QZMJhw2ZuY7+dGhJuIU1ECYI3U2UM0o70uuAsI4vLleB40t/CfL0c2l6/dCkouNa5I1r9P1kgIIrAUMtjxBgAziCRHiU9WXEYXW6lKEFD5O2ZaElQPQf1CCCRCxPIgk8VupTE00cUTD6LzaNgugi1RlXP1NCK8NmORZQLEg7n38vHCiI=
3
+ -----END CERTIFICATE-----
@@ -0,0 +1,18 @@
1
+ ---
2
+ idp_lists:
3
+ https://idp.example.com/idp/shibboleth:
4
+ certificate: ! '-----BEGIN CERTIFICATE-----
5
+
6
+ MIIDozCCAougAwIBAgIJAM4RrKvcNVYiMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTAeFw0xMjA0MTMwMzMxMjNaFw0xMjA1MTMwMzMxMjNaMGgxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPQTaONZxbLElsl5wr7UdV6YpsV21wTe5GOUja7D+mcct8TJLcFu7m/OaK3qlsGYL0IdrTOHbhjgJlWzb03eIbFxFDuorDBnDVSoi2k917DJyBx4lUng+28EAqCUhuXv41XbX30ILL7CO1DxQ6UBhOYgGTx0SbNhOQsdWojJlDuRA9IG2s2dg9KWkT9j9t29OftR8Y6OVmui6MdLOgXHT3NARFN9sHYFbOntFZjRbp70c+wzIOZVF0bmq4UFyLp8xQVdKlNz6oo/QAVgTA9NMG3hhrY36hsFuAHBCbAadKhQMIit3KWbBSb1TyprO3iW/lftIti9XAaX/L+RSH4FvqsCAwEAAaNQME4wHQYDVR0OBBYEFAQBsI28WO2nZomTF4wO183+mJ13MB8GA1UdIwQYMBaAFAQBsI28WO2nZomTF4wO183+mJ13MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEkmE0x1kqejIDD/f/xc17hnqw3NnrO++gmV2qI32dXRD/fwuf4mP4DSCin1B/8+OYLyJqMYR4eYPFlusM4FnbsETzcdjXWBBzYqdyNAyj1VLeDarAIM2oFrc3p4EMzciK45e4tj7Td5Od//5LOQZPn3uFaFcEiK8fT8Zv9QZMJhw2ZuY7+dGhJuIU1ECYI3U2UM0o70uuAsI4vLleB40t/CfL0c2l6/dCkouNa5I1r9P1kgIIrAUMtjxBgAziCRHiU9WXEYXW6lKEFD5O2ZaElQPQf1CCCRCxPIgk8VupTE00cUTD6LzaNgugi1RlXP1NCK8NmORZQLEg7n38vHCiI=
7
+
8
+ -----END CERTIFICATE-----'
9
+ saml2_http_redirect: https://idp.example.com/idp/profile/SAML2/Redirect/SSO
10
+ sp_lists:
11
+ https://sp.example.com/shibboleth:
12
+ certificate: ! '-----BEGIN CERTIFICATE-----
13
+
14
+
15
+ MIIDnzCCAoegAwIBAgIJAOibZtWndr86MA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNVBAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTEQMA4GA1UECwwHVGVzdCBTUDEXMBUGA1UEAwwOc3AuZXhhbXBsZS5jb20wHhcNMTIwNDEzMDMzMjI1WhcNMTIwNTEzMDMzMjI1WjBmMQswCQYDVQQGEwJKUDERMA8GA1UEBwwIQWNhZGVtZTIxGTAXBgNVBAoMEFRlc3QgQ2VydGlmaWNhdGUxEDAOBgNVBAsMB1Rlc3QgU1AxFzAVBgNVBAMMDnNwLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34MFSNC1wGMrBp/OyzoNFwiDIpmri3BSNbPbmeFKhJfukwAwyYRxhGAz/OQAxruS0DriQ73RcSe6f0WEW+URKkdgx+MiUHghyqNtVjlhNhRSL19kVdddBkFtNSh0/2iA384x0PcXIpfEB9jonX25LGQN9GJWPHamievkj4MwI0cwU4mC9Su8kD2BSccoNpb68pwEI+JizFXTSe9IcA1tJvvxmkecVCTZhS2ztbSm24PUlu7igWruVH/jqtj3YeJMZvKgj6NiwdXOL6+hVuJKO/eNB96yztH3v4KSb3JEE2/2w6K5FSX8qsKDZ/VAq7FRXOwRKYdaX2pNMgWtvr0T/wIDAQABo1AwTjAdBgNVHQ4EFgQUhxf8wd5vCyK8bdWCB2ZkmJwW5F4wHwYDVR0jBBgwFoAUhxf8wd5vCyK8bdWCB2ZkmJwW5F4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAzdQxcUNXP4izy2Yoz2yUlmt5jjQX89uRxrGv6Hf11D3vxiZz4Srxzi8v2Pz77A3Q7qqrIlV6uXj0WvojnalNl2ExY/a1WRz4tO8aI6WsQ7T97UZ2tlJEvR65htIbM27x3j7Ui6xlNcGsm6hlMsm7jUF9oPC2xrSc+sk1ggANkKTpZ/Ui2dkKutLTPMa5KUGkZGOUMrv0xxkUC6zp4bQb6t++4YL4pkY7s+PVOYjZmM1ARM2QP/O6ZeSLe4LQNQS8WfRq0dmNk/QKOqTLIH7ppDar6i7oc1m+sJ+zskhTZnYWzUk6STa6uAfWJ3Z7ILRuorZXobhI0ENI4hv2yYEsWQ==
16
+
17
+ -----END CERTIFICATE-----'
18
+ saml2_http_post: https://sp.example.com/Shibboleth.sso/SAML2/POST
@@ -0,0 +1,20 @@
1
+ MIIDozCCAougAwIBAgIJAM4RrKvcNVYiMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
2
+ BAYTAkpQMREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZp
3
+ Y2F0ZTERMA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNv
4
+ bTAeFw0xMjA0MTMwMzMxMjNaFw0xMjA1MTMwMzMxMjNaMGgxCzAJBgNVBAYTAkpQ
5
+ MREwDwYDVQQHDAhBY2FkZW1lMjEZMBcGA1UECgwQVGVzdCBDZXJ0aWZpY2F0ZTER
6
+ MA8GA1UECwwIVGVzdCBJZFAxGDAWBgNVBAMMD2lkcC5leGFtcGxlLmNvbTCCASIw
7
+ DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPQTaONZxbLElsl5wr7UdV6YpsV2
8
+ 1wTe5GOUja7D+mcct8TJLcFu7m/OaK3qlsGYL0IdrTOHbhjgJlWzb03eIbFxFDuo
9
+ rDBnDVSoi2k917DJyBx4lUng+28EAqCUhuXv41XbX30ILL7CO1DxQ6UBhOYgGTx0
10
+ SbNhOQsdWojJlDuRA9IG2s2dg9KWkT9j9t29OftR8Y6OVmui6MdLOgXHT3NARFN9
11
+ sHYFbOntFZjRbp70c+wzIOZVF0bmq4UFyLp8xQVdKlNz6oo/QAVgTA9NMG3hhrY3
12
+ 6hsFuAHBCbAadKhQMIit3KWbBSb1TyprO3iW/lftIti9XAaX/L+RSH4FvqsCAwEA
13
+ AaNQME4wHQYDVR0OBBYEFAQBsI28WO2nZomTF4wO183+mJ13MB8GA1UdIwQYMBaA
14
+ FAQBsI28WO2nZomTF4wO183+mJ13MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
15
+ BQADggEBAEkmE0x1kqejIDD/f/xc17hnqw3NnrO++gmV2qI32dXRD/fwuf4mP4DS
16
+ Cin1B/8+OYLyJqMYR4eYPFlusM4FnbsETzcdjXWBBzYqdyNAyj1VLeDarAIM2oFr
17
+ c3p4EMzciK45e4tj7Td5Od//5LOQZPn3uFaFcEiK8fT8Zv9QZMJhw2ZuY7+dGhJu
18
+ IU1ECYI3U2UM0o70uuAsI4vLleB40t/CfL0c2l6/dCkouNa5I1r9P1kgIIrAUMtj
19
+ xBgAziCRHiU9WXEYXW6lKEFD5O2ZaElQPQf1CCCRCxPIgk8VupTE00cUTD6LzaNg
20
+ ugi1RlXP1NCK8NmORZQLEg7n38vHCiI=
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-saml
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3
4
+ version: 0.0.4
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,19 +9,30 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-04-10 00:00:00.000000000 Z
12
+ date: 2012-04-14 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: ruby-saml
16
- requirement: &70354144248580 !ruby/object:Gem::Requirement
16
+ requirement: &70289036886900 !ruby/object:Gem::Requirement
17
17
  none: false
18
18
  requirements:
19
19
  - - ~>
20
20
  - !ruby/object:Gem::Version
21
- version: 0.4.7
21
+ version: 0.5.2
22
22
  type: :runtime
23
23
  prerelease: false
24
- version_requirements: *70354144248580
24
+ version_requirements: *70289036886900
25
+ - !ruby/object:Gem::Dependency
26
+ name: rspec
27
+ requirement: &70289036886520 !ruby/object:Gem::Requirement
28
+ none: false
29
+ requirements:
30
+ - - ! '>='
31
+ - !ruby/object:Gem::Version
32
+ version: '0'
33
+ type: :development
34
+ prerelease: false
35
+ version_requirements: *70289036886520
25
36
  description: SAML middleware for Rack (using ruby-saml)
26
37
  email:
27
38
  - toyokazu@gmail.com
@@ -55,6 +66,19 @@ files:
55
66
  - rack-saml.gemspec
56
67
  - Rakefile
57
68
  - README.md
69
+ - spec/fixtures/config_idp.yml
70
+ - spec/fixtures/config_sp.yml
71
+ - spec/fixtures/conv_metadata_test.rb
72
+ - spec/fixtures/idp_cert.pem
73
+ - spec/fixtures/idp_key.pem
74
+ - spec/fixtures/metadata-with-newline.xml
75
+ - spec/fixtures/metadata-without-newline.xml
76
+ - spec/fixtures/metadata.xml
77
+ - spec/fixtures/sp_cert.pem
78
+ - spec/fixtures/sp_key.pem
79
+ - spec/fixtures/test.pem
80
+ - spec/fixtures/test.yml
81
+ - spec/fixtures/test2.pem
58
82
  homepage: ''
59
83
  licenses: []
60
84
  post_install_message:
@@ -79,4 +103,17 @@ rubygems_version: 1.8.17
79
103
  signing_key:
80
104
  specification_version: 3
81
105
  summary: SAML middleware for Rack (using ruby-saml)
82
- test_files: []
106
+ test_files:
107
+ - spec/fixtures/config_idp.yml
108
+ - spec/fixtures/config_sp.yml
109
+ - spec/fixtures/conv_metadata_test.rb
110
+ - spec/fixtures/idp_cert.pem
111
+ - spec/fixtures/idp_key.pem
112
+ - spec/fixtures/metadata-with-newline.xml
113
+ - spec/fixtures/metadata-without-newline.xml
114
+ - spec/fixtures/metadata.xml
115
+ - spec/fixtures/sp_cert.pem
116
+ - spec/fixtures/sp_key.pem
117
+ - spec/fixtures/test.pem
118
+ - spec/fixtures/test.yml
119
+ - spec/fixtures/test2.pem